Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/DnfvoHk26uQBqwY74iVEkovhu-M.roa
File: DnfvoHk26uQBqwY74iVEkovhu-M.roa (raw, json)
Hash identifier: 9tTGtdywgLWpzwmGeYwYvgljB4fpp7EYWgdsqvOXikE=
Subject key identifier: 0E:77:EF:A0:79:36:EA:E4:01:AB:06:3B:E2:25:44:92:8B:E1:BB:E3
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0196B46B91EE958B0C7DBE89267373CBDE42
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/DnfvoHk26uQBqwY74iVEkovhu-M.roa
Signing time: Fri 09 May 2025 09:41:10 +0000
ROA not before: Fri 09 May 2025 09:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 45.141.204.0/23 maxlen: 23
45.148.51.0/24 maxlen: 24
194.39.216.0/24 maxlen: 24
2a0c:9e06::/32 maxlen: 32
2a0e:a944::/32 maxlen: 32
2a0e:a945::/32 maxlen: 32
2a0e:a946::/32 maxlen: 32
2a0e:a947::/32 maxlen: 32
2a0f:3b80::/32 maxlen: 32
2a0f:3b81::/32 maxlen: 32
2a0f:3b82::/32 maxlen: 32
2a0f:3b83::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 09:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b4:6b:91:ee:95:8b:0c:7d:be:89:26:73:73:cb:de:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: May 9 09:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e77efa07936eae401ab063be22544928be1bbe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:03:f6:53:c5:6d:72:4a:e2:af:1c:88:03:b9:
49:c1:be:97:02:8e:b1:11:d0:de:a0:4e:11:dd:f7:
2a:82:31:e3:68:7c:88:f2:aa:b2:f1:cc:ca:d7:b3:
e8:65:3e:58:23:57:a9:7f:c6:c3:25:5b:d8:e1:e3:
22:e7:5a:17:4a:bc:cb:03:fd:87:5b:f7:83:81:c6:
41:e9:4c:98:ab:bc:78:47:7c:63:38:0f:76:d5:f6:
37:da:2a:4c:2b:e7:5a:45:80:ac:2c:d7:17:31:4b:
84:9c:b4:c7:b7:d6:1f:53:fe:7a:63:8e:86:4f:77:
48:1f:8e:97:a2:5f:e8:48:21:0b:ca:a7:9e:b1:bb:
af:15:ca:05:06:4b:64:d8:09:42:20:35:03:5f:94:
bb:1f:7f:49:0f:06:68:21:a5:22:9d:20:36:98:ff:
e5:62:b3:9e:aa:8f:be:29:26:e6:a4:69:b9:20:c8:
f0:9d:93:75:8c:ab:2e:ec:b0:3d:dd:37:b2:94:90:
4e:7b:f4:b0:80:20:6c:08:cd:dc:4e:80:61:0d:8f:
49:27:82:ac:68:7d:de:98:4f:f3:04:58:f1:72:93:
c7:0e:5b:73:5d:4e:0b:cf:1d:ad:a1:5e:15:5f:c9:
a2:e3:ae:f8:ad:f0:b8:3b:94:d0:73:cb:2f:b5:39:
ea:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:77:EF:A0:79:36:EA:E4:01:AB:06:3B:E2:25:44:92:8B:E1:BB:E3
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/DnfvoHk26uQBqwY74iVEkovhu-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.204.0/23
45.148.51.0/24
194.39.216.0/24
IPv6:
2a0c:9e06::/32
2a0e:a944::/30
2a0f:3b80::/30
Signature Algorithm: sha256WithRSAEncryption
31:e1:9c:ef:f5:1e:db:03:05:1d:0e:a2:58:18:e8:63:11:dc:
1a:39:b5:81:5b:0c:00:8f:9d:91:68:d4:4a:10:13:0b:e2:11:
53:d5:bb:65:18:61:ac:32:52:f7:aa:61:b4:c8:66:cc:f1:a8:
cc:db:43:a2:42:df:b4:3f:e4:a7:d1:c2:f5:66:09:6a:40:c9:
4d:cb:0b:19:50:32:c3:6e:f4:ad:04:9c:87:12:85:65:10:7b:
f7:b8:f3:27:10:cc:95:89:03:29:8e:22:cb:76:dd:ad:ad:9c:
60:64:54:48:3f:8b:c9:88:37:6a:43:db:a0:22:9d:46:c4:99:
ed:4b:71:39:57:c5:7e:30:b9:38:5c:2b:80:e2:f7:48:5b:08:
36:e6:51:29:df:f9:d8:3e:25:3a:de:b7:9a:cd:4c:bb:b6:b7:
ef:ba:92:36:78:c8:ce:fe:aa:3a:b6:18:97:7c:61:64:bd:b6:
53:f8:3c:a8:b1:c9:60:85:85:d6:98:38:e5:bf:a6:de:82:63:
94:7c:19:f0:78:b6:bf:bf:3d:22:07:01:84:c5:a9:2c:34:ae:
b7:30:b0:a6:26:5d:46:4d:40:48:b9:bc:cd:03:4d:56:1e:4c:
b6:ea:09:d6:97:34:3c:4f:84:bd:4a:59:3d:7f:35:cd:95:a6:
1b:a3:dc:34
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZa0a5HulYsMfb6JJnNzy95CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjUwNTA5MDk0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTc3ZWZhMDc5MzZlYWU0MDFhYjA2M2JlMjI1NDQ5MjhiZTFiYmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAP2U8VtckrirxyIA7lJwb6XAo6x
EdDeoE4R3fcqgjHjaHyI8qqy8czK17PoZT5YI1epf8bDJVvY4eMi51oXSrzLA/2H
W/eDgcZB6UyYq7x4R3xjOA921fY32ipMK+daRYCsLNcXMUuEnLTHt9YfU/56Y46G
T3dIH46Xol/oSCELyqeesbuvFcoFBktk2AlCIDUDX5S7H39JDwZoIaUinSA2mP/l
YrOeqo++KSbmpGm5IMjwnZN1jKsu7LA93TeylJBOe/SwgCBsCM3cToBhDY9JJ4Ks
aH3emE/zBFjxcpPHDltzXU4Lzx2toV4VX8mi4674rfC4O5TQc8svtTnqGQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFA5376B5NurkAasGO+IlRJKL4bvjMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvRG5mdm9IazI2dVFCcXdZNzRpVkVrb3ZodS1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQBLY3MAwQA
LZQzAwQAwifYMBsEAgACMBUDBQAqDJ4GAwUCKg6pRAMFAioPO4AwDQYJKoZIhvcN
AQELBQADggEBADHhnO/1HtsDBR0OolgY6GMR3Bo5tYFbDACPnZFo1EoQEwviEVPV
u2UYYawyUveqYbTIZszxqMzbQ6JC37Q/5KfRwvVmCWpAyU3LCxlQMsNu9K0EnIcS
hWUQe/e48ycQzJWJAymOIst23a2tnGBkVEg/i8mIN2pD26AinUbEme1LcTlXxX4w
uThcK4Di90hbCDbmUSnf+dg+JTret5rNTLu2t++6kjZ4yM7+qjq2GJd8YWS9tlP4
PKixyWCFhdaYOOW/pt6CY5R8GfB4tr+/PSIHAYTFqSw0rrcwsKYmXUZNQEi5vM0D
TVYeTLbqCdaXNDxPhL1KWT1/Nc2Vphuj3DQ=
-----END CERTIFICATE-----
Generated at Mon May 12 17:50:09 2025 by rpki-client